security: geleakte Secrets aus Repo entfernen (Review-Befund k)
Secret-Scan im Fable-5-Review fand vier aktive Zugangsdaten im oeffentlich erreichbaren Gitea-Repo. Gefahrlos entfernbare Stellen: - scripts/release.ps1: Gitea-Token -> Umgebungsvariable PYRAMID_GITEA_TOKEN - docs/matrix-sdk/13-server-admin: 19x Admin-Token -> <ADMIN_TOKEN> Client-eingebettete Secrets (LiveKit apiSecret, Admin-Token im E2EE-Diagnose-Upload, Giphy-Key) brauchen Rotation + Server-Umbau und stehen als neue M0-ROADMAP-Punkte (nicht blind auf dem Pi fixbar). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
@@ -1220,3 +1220,7 @@
|
||||
2026-07-03 23:21 [Edit] /home/steggi/pyramid/PROGRESS.md
|
||||
2026-07-03 23:21 [Edit] /home/steggi/pyramid/docs/PC_TESTPLAN.md
|
||||
2026-07-03 23:22 [Edit] /home/steggi/pyramid/PROGRESS.md
|
||||
2026-07-04 03:28 [Edit] /home/steggi/pyramid/scripts/release.ps1
|
||||
2026-07-04 03:31 [Edit] /home/steggi/pyramid/PROGRESS.md
|
||||
2026-07-04 03:32 [Edit] /home/steggi/pyramid/PROGRESS.md
|
||||
2026-07-04 03:32 [Edit] /home/steggi/pyramid/ROADMAP.md
|
||||
|
||||
Reference in New Issue
Block a user